Distributed file systems offer many compelling advantages in establishing high performance computing environments. One example is the ability to easily expand, even at large scale. Another example is the ability to support multiple unique network protocols. In one example, a distributed file system can operate under a cluster of nodes topology, whereby clients can connect to any node among the cluster of nodes to perform file system activity.
When accessing the file system, and connecting to individual nodes among a cluster of nodes, the distributed file system may seek to move or redirect clients from one node to another. For example, to achieve load balancing, a client on an overburdened node may be moved to a node that has spare capacity. It can be appreciated that by efficiently moving clients between nodes among a cluster of nodes, aggregate client performance can be increased. In another example, a node can suffer node failure, whereby the node is no longer responsive to client requests. In this example, a client may be redirected to a different node that is still functioning and capable of fulfilling client requests.
When connecting to a node, clients first must be authenticated to determine if they have the appropriate privileges to access the file system. If the client is authenticated, the distributed file system can provide a token that is a unique string of characters. The token can then be included in the header parameter of subsequent requests from the client. The token persists with the client and allows the client to perform file system requests without resubmitting authentication information such as a user name, password, account, etc. for each subsequent client request.
One means for validating the token across all nodes of a cluster of nodes would be to store each authenticated token as a file or as a part of a file within the distributed file system. The file would be accessible to all nodes within the cluster of nodes, and each time a token is received as a part of a client request, the shared file can be used to determine whether the token is valid. However, it can be appreciated that the overhead associated with maintaining a shared file of valid tokens, and consulting the shared file to match a received token with potentially hundreds or thousands of valid tokens within the shared file make such a solution taxing of resources when used in large scale implementations. Therefore, there exists a need for an efficient solution at scale to validate previously authenticated users of a distributed file system across all nodes of a cluster of nodes.